I spent the first part of this week at Symantec’s Vision Conference in Las Vegas. There is a lot going on across the various enterprise assets that Symantec owns – security, storage, and management. I focused primarily on the security sessions and announcements.
On the positive side of what I heard:
- Symantec has taken the first step in a unified architecture for its disparate product offerings with the Symantec Protection Center — a common portal providing single sign-on to its disparate products that are proxied through it. Although it’s clear the products underneath come from different groups with a different look and feel, it’s a good veneer at this point, with tighter integration on the roadmap
- On the messaging and marketing side, Symantec talked quite a bit about the integration and convergence of IT operations and security with longer term roadmaps for better integration and sharing of information across its management and security assets. For now, the veneer provided by SPC above is the first step.
- Symantec unveiled its Data Insight offering as an add-on to its DLP offering. Finally, an offering that takes advantage of Symantec’s file system expertise (from the acquisition of Veritas) with its security expertise in the form of DLP. Data Insight is targeted to help solve one of the biggest issues with DLP projects – identifying data owners via observed usage patterns.
- Symantec had several cool proof of concept demonstrations of its workspace virtualization technology delivering a composite desktop using multiple layers created by separation of applications from the OS and the separation of user preferences from the OS and applications.
A few of the areas that still need improvement that I observed:
- Although Symantec is finally starting to talk about virtualization and security, it hasn’t made much meaningful progress. For example, even the basic ability to randomize and stagger scans for their Symantec Endpoint Protection antimalware client running on VDI servers is just now being added with its imminent SEP RU6. Its major competitors are ahead.
- Noticeably absent is a solid application control/whitelisting capability. Point solutions from Bit9, CoreTrace, Lumension and others are filling a real gap in protection that many of the AV vendors haven’t addressed. Further, McAfee’s acquisition of Solidcore and integration into EPO has put the heat on Symantec to deliver.
- Symantec did nothing to close its encryption gap. Sophos, Check Point and McAfee made their moves long ago. Symantec still needs its own technology that would span its security, messaging and storage offerings.
Overall, Symantec needed to show its customers why using the various acquisitions it has made over the years made sense and why using multiple products from Symantec work “better together”. After Enrique Salem’s first year, customers are finally starting to see this in shipping products.
Finally, the best quote I heard during the sessions came in a case study from a security professional from Continental Airlines discussing his company’s journey with the adoption of IT GRC and DLP technologies — “We were tool rich, but carpenter poor”.